On Wed, Sep 15, 2010 at 11:30 AM, McDowell, Brett
<bmcdowell(_at_)paypal-inc(_dot_)com> wrote:
I believe only the ADSP documents talk about 3rd party, and it is
defined as d= not From Domain.
These are 3rd party:
DKIM-Sig: ... d=dkim.bar.com
From: foo(_at_)bar(_dot_)com
DKIM-Sig: ... d=beer.com
From: foo(_at_)bar(_dot_)com
I believe Patrick defined 2nd party to be:
DKIM-Sig: ... d=dkim.bar.com
From: foo(_at_)bar(_dot_)com
the maawg meeting was a first that I've heard that.
First party is of course:
DKIM-Sig: ... d=bar.com
From: foo(_at_)bar(_dot_)com
BUT I really thinking making such distinctions is the wrong approach.
It really doesn't matter what type of signature it is. I'd even
advocate for a DKIM update that would cause all signatures to be 2nd
or 3rd to enforce the point.
That seems aligned with Steve's point about DKIM's value coming (only?) when
the d= value is not the same as the domain-name in the from: field. So
according to you (and Steve?) the IETF should pass a normative requirement
that all verified email be hired out to 3rd parties?! That strikes me as
very anti-Internet.
Ah, you just enforced my point. Review the 3rd party definition again.
DKIM-Sig: ... d=dkim.bar.com
From: foo(_at_)bar(_dot_)com
This is considered 3rd party. Even though it is controlled by the same entity.
same with this example.:
DKIM-Sig: ... d=aol.com
From: foo(_at_)aim(_dot_)com
It seems Stephen considers this off topic, so anything further should
be taken off-list.
--
Jeff Macdonald
Ayer, MA
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html